<?
session_start();
if (isset($_SESSION["sess_Username"])) { echo"<meta http-equiv='refresh' content='0;URL=admin_home.php'>";}
else if (isset($_SESSION["sess_user_register"])){ echo"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' /> <script>alert('คุณไม่มีสิทธิ์ในการเข้าใช้งาน');JavaScript:history.back();</script>";}
else{
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>ยินดีต้อนรับเข้าสู่ ระบบบริการสื่อมัลติมีเดียด้านการเกษตร</title>
<link rel="stylesheet" href="standard.css" type="text/css" />
<script>
function btn_focus(){
document.frmLogin.btnSubmit.focus();
}
</script>

<script>  
	function chklogin(){
		if(document.frmLogin.user.value=='' && document.frmLogin.passwd.value==''){
			alert('กรุณากรอก ชื่อเข้าใช้งาน และ รหัสผ่าน');
			$code = '3';
			document.frmLogin.user.focus();
			return false;
		} else if(document.frmLogin.user.value==''){
			alert('กรุณากรอก ชื่อเข้าใช้งาน');
			$code = '3';
			document.frmLogin.user.focus();
			return false;
		}else if(document.frmLogin.passwd.value==''){
			alert('กรุณากรอก รหัสผ่าน');
			$code = '3';
			document.frmLogin.passwd.focus();
			return false;
		} else {
			//document.frmLogin.submit();
			if(document.frmLogin.user.value.length < 6){
				alert('กรุณากรอกชื่อเข้าใช้งานอย่างน้อย 6 ตัวอักษร');
				document.frmLogin.user.focus();
				return false;
			}else if(document.frmLogin.passwd.value.length < 6){
				alert('กรุณากรอกรหัสผ่านอย่างน้อย 6 ตัวอักษร');
				document.frmLogin.passwd.focus();
				return false;
			}else{
				return true;
			}
		}
}
</script>

<script type="text/javascript">
<!--
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}

function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}

function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
//-->
</script>

</head>

<body onload="MM_preloadImages('img/m_main2.jpg','img/m_register2.jpg','img/m_multimedia2.jpg','img/m_manual2.jpg','img/m_evaluate2.jpg','img/m_admin2.jpg','img/m_static2.jpg','img/m_topten2.jpg')">
<table width="1024" height="659" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#666600">
  <tr>
    <td height="215" align="center" valign="top" bgcolor="#CCCCCC"><table width="1024" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td height="170" background="img/headNew2.jpg" bgcolor="#FFFFFF">&nbsp;</td>
      </tr>
    </table>
      <table width="824" border="0" cellpadding="0" cellspacing="0" bordercolor="#FF0000">
        <tr>
          <td width="103" height="45" align="center"><a href="index.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image12','','img/m_main2.jpg',1)"><img src="img/m_main.jpg" name="Image12" width="115" height="45" border="0" id="Image12" /></a></td>
          <td width="103" align="right"><a href="user_register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image13','','img/m_register2.jpg',1)"><img src="img/m_register.jpg" name="Image13" width="115" height="45" border="0" id="Image13" /></a></td>
          <td width="103" align="right"><a href="vdo_list.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image14','','img/m_multimedia2.jpg',1)"><img 
src="img/m_multimedia.jpg" name="Image14" width="117" height="45" border="0" id="Image14" /></a></td>
          <td width="103"><a href="vdo_top10.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image11','','img/m_topten2.jpg',1)"><img 
src="img/m_topten.jpg" name="Image11" width="115" height="45" border="0" id="Image11" /></a></td>
          <td width="103"><a href="admin_report_search.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image10','','img/m_static2.jpg',1)"><img 
src="img/m_static.jpg" name="Image10" width="215" height="45" border="0" id="Image10" /></a></td>
          <td width="103"><a href="manual.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image9','','img/m_manual2.jpg',1)"><img src="img/m_manual.jpg" name="Image9" width="117" height="45" border="0" id="Image9" /></a></td>
          <td width="103"><a href="evaluate_overview.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image8','','img/m_evaluate2.jpg',1)"><img src="img/m_evaluate.jpg" name="Image8" width="115" height="45" border="0" id="Image8" /></a></td>
          <td width="103"><a href="admin_login.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image15','','img/m_admin2.jpg',1)"><img src="img/m_admin.jpg" name="Image15" width="115" height="45" border="0" id="Image15" /></a></td>
        </tr>
      </table></td>
  </tr>
  <tr>
    <td width="1024" height="66" align="center" valign="top" bgcolor="#FFFFFF"><table width="1024" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td width="25" height="25" background="img/tb/tb_left_top.jpg">&nbsp;</td>
        <td height="25" background="img/tb/tb_top.jpg">&nbsp;</td>
        <td width="25" height="25" background="img/tb/tb_right_top.jpg">&nbsp;</td>
      </tr>
      <tr>
        <td width="25" align="left" background="img/tb/tb_left.jpg">&nbsp;</td>
        <td align="center"><table width="100%" border="0" cellspacing="0" cellpadding="0">
            <tr>
              <td height="30" align="left" bgcolor="#CCFF00" class="style7"><span class="scapmain style4 style12 style25 style9">&nbsp;<img src="img/img05.gif" align="absbottom" /></span><span class="style14"> ผู้ดูแลระบบ - เข้าสู่ระบบ</span></td>
            </tr>
            <tr>
              <td align="center" bgcolor="#FFFFFF"><p>              
                <p>
                <table width="481" height="151" border="0" cellpadding="5" cellspacing="5">
                      <form action="" method="post" name="frmLogin" target="_self" id="frmLogin" onSubmit="return chklogin();">
                        <tr>
                          <td width="128" rowspan="4" align="right" valign="middle"><img src="pic/lock.png" width="128" height="128" /></td>
                          <td width="81">&nbsp;</td>
                          <td width="170">&nbsp;</td>
                          <td width="31">&nbsp;</td>
                        </tr>
                        <tr>
                          <td align="right" nowrap="nowrap" class="style20"><strong>ชื่อผู้ใช้งาน</strong></td>
                          <td width="170" align="left" valign="middle"><label>
                            <input name="user" type="text" class="style1" id="user" size="25" maxlength="20" />
                          </label></td>
                          <td nowrap="nowrap" class="style29">* (อย่างน้อย 6 ตัวอักษร)</td>
                        </tr>
                        <tr>
                          <td align="right" nowrap="nowrap" class="style20"><strong>รหัสผ่าน</strong></td>
                          <td width="170" align="left" valign="middle"><label>
                          <input name="passwd" type="password" class="style1" id="passwd" size="26" maxlength="20" />
                          </label></td>
                          <td nowrap="nowrap" class="style29">* (อย่างน้อย 6 ตัวอักษร)</td>
                        </tr>
                        <tr>
                          <td>&nbsp;</td>
                          <td width="170" align="center"><input name="flag" type="hidden" id="flag" value="1" />
                              <input name="btnSubmit" type="submit" value="เข้าสู่ระบบ" id="btnSubmit" />                              </td>
                          <td>&nbsp;</td>
                        </tr>
                    </form>
                  </table>
              
               
              <p>&nbsp;</p>
              <p>&nbsp;</p></td>
            </tr>
            <tr>
              <td height="25" bgcolor="#CCFF00">&nbsp;</td>
            </tr>
        </table></td>
        <td width="25" align="right" background="img/tb/tb_right.jpg">&nbsp;</td>
      </tr>
      <tr>
        <td width="25" height="25" background="img/tb/tb_left_foot.jpg">&nbsp;</td>
        <td height="25" background="img/tb/tb_foot.jpg">&nbsp;</td>
        <td width="25" height="25" background="img/tb/tb_right_foot.jpg">&nbsp;</td>
      </tr>
    </table></td>
  </tr>
  
  <tr>
    <td width="1024" align="center" valign="bottom"><table width="50%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td height="25">&nbsp;</td>
      </tr>
    </table>
      <table width="1024" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td height="50"><table width="100%" border="0" cellspacing="0" cellpadding="0">
            <tr>
              <td width="25" height="25" background="img/tb/tb_left_top.jpg">&nbsp;</td>
              <td background="img/tb/tb_top.jpg">&nbsp;</td>
              <td width="25" height="25" background="img/tb/tb_right_top.jpg">&nbsp;</td>
            </tr>
            <tr>
              <td width="25" align="left" background="img/tb/tb_left.jpg">&nbsp;</td>
              <td height="25" align="center" valign="middle" bgcolor="#CCFF00"><table width="96%" border="0" cellspacing="0" cellpadding="0">
                  <tr>
                    <td height="25" align="center"><strong>ศูนย์ความรู้ด้านการเกษตร สำนักหอสมุด มหาวิทยาลัยเกษตรศาสตร์</strong></td>
                  </tr>
              </table></td>
              <td width="25" align="right" background="img/tb/tb_right.jpg">&nbsp;</td>
            </tr>
            <tr>
              <td width="25" height="25" background="img/tb/tb_left_foot.jpg">&nbsp;</td>
              <td background="img/tb/tb_foot.jpg">&nbsp;</td>
              <td width="25" height="25" background="img/tb/tb_right_foot.jpg">&nbsp;</td>
            </tr>
        </table></td>
      </tr>
    </table></td>
  </tr>
  <?php
include "connectdb.php" ;
$user = $_POST[user];
$passwd = $_POST[passwd];

//$sql = "SELECT Emp_Username, Emp_Password, Emp_Position
//   		FROM ag_employee  WHERE Emp_Username = '$user'  AND Emp_Password = '$passwd' ;";   
$sql = "SELECT * FROM ag_employee  WHERE emp_username = '$user'  AND emp_password = '$passwd' ;";   		
$sql2 = "SELECT count(emp_username) FROM ag_employee  WHERE emp_username = '$user'  AND emp_password = '$passwd' ;";   

$table = mysql_db_query($dbname,$sql) ;
$table2 = mysql_db_query($dbname,$sql2) ;


mysql_close();
$row = mysql_fetch_array($table);
$countrow = mysql_fetch_array($table2);

//if($flag==1)
if((($user!='')==true) and (($passwd !='')==true)==true)   //check blank
{  
	if(($countrow = mysql_fetch_array($table2))!=1) //query passed
			{	
						if($row["emp_username"] == $user and $row["emp_password"] == $passwd)  // login passed
								{  
												if($row["emp_position"] == "Admin" )
													{	
													$_SESSION['sess_ID'] 				= $row['emp_id'];
													$_SESSION['sess_Name'] 			= $row['emp_name'];
													$_SESSION['sess_LName'] 			= $row['emp_lname'];
													$_SESSION['sess_Position'] 		= $row['emp_position'];	
													$_SESSION['sess_Tel'] 				= $row['emp_tel'];	
													$_SESSION['sess_Email'] 			= $row['emp_email'];
													$_SESSION['sess_Pic'] 				= $row['emp_pic'];	
													$_SESSION['sess_Username'] 	= $row['emp_username'];	
													$_SESSION['sess_Password'] 		= $row['emp_password'];
													$_SESSION['sess_userid'] 			= session_id();
													
													echo " <meta http-equiv='refresh' content='0;URL=Admin_home.php'> "; 
													}
													
												else if($row["emp_position"] != "Admin")
													{
//													$_SESSION['sess_user'] = $row['Emp_Username'];
//													$_SESSION['sess_position'] = $row['Emp_Position'];
//													$_SESSION['sess_passwd'] = $row['Emp_Password'];
//													$_SESSION['sess_userid'] = session_id();
													$code = '3';
													?>
													<script>
													alert("คุณไม่มีสิทธิ์เข้าใช้งานในส่วนนี้");
													</script>
													<?
													//echo " <meta http-equiv='refresh' content='0;URL=errorlogin.php?&msg=$code'> ";
													}
								}
											
						else	//login not passed
								{  
							
									$code = '2';  //invalid username or password
									?>
									<script>
									alert("ชื่อผู้ใช้งาน หรือ รหัสผ่านผิด กรุณาตรวจสอบ");
									</script>
									<?
									//echo " <meta http-equiv='refresh' content='0;URL=errorlogin.php?&msg=$code'> "; 
								}
					}
	else
		{
	//	$code="user not found";
		$code= '2';
		?>
		<script>
		alert("ไม่มีชื่อนี้ในระบบ");
		</script>
		<?
		//echo " <meta http-equiv='refresh' content='0;URL=errorlogin.php?&msg=$code'> "; 
		}
}


}
?>
</table>
<p>&nbsp;</p>
</body>
</html>
<script>
btn_focus();
</script>